Company hidden
9 hours ago

Principal Information Security Manager (SaaS)

Work format
hybrid
Employment type
fulltime
Grade
senior
English
c1
Country
Germany
Vacancy from Hirify Global, a list of international tech companies

Job description


TL;DR

Principal Information Security Manager (Cybersecurity): Scaling the information security program to be investor-ready and AI-efficient within a B2B SaaS environment, with an emphasis on governance, compliance, and customer trust. Focus on leading ISO 27001/SOC 2 audit cycles, automating security workflows with AI, and managing enterprise customer security reviews.

Location: Hybrid in Berlin, Chemnitz, or Dresden, Germany

Company

AI-native Employee Experience Platform and Unicorn company helping organizations unlock the power of inspirational communication.

What you will do

  • Lead ISO 27001 and SOC 2 audit cycles end-to-end, including preparation, evidence collection, and remediation.
  • Manage responses to enterprise customer security questionnaires and RFPs, representing the company in security reviews.
  • Maintain the risk register and drive risk treatment decisions and vendor security assessments.
  • Own the internal security policy framework and design security awareness programs to change behavior.
  • Own the incident response plan, lead execution during incidents, and drive post-incident reviews.
  • Identify and implement AI-assisted workflows to reduce manual effort in compliance and operations.

Requirements

  • 5+ years of hands-on InfoSec experience in a SaaS or B2B tech company.
  • Proven ownership of ISO 27001 and/or SOC 2 programs.
  • Track record of representing InfoSec to enterprise customers during security reviews and escalations.
  • Fluent in German and English.
  • Ability to work in a hybrid model from Berlin, Chemnitz, or Dresden.

Nice to have

  • Experience supporting M&A or investor due diligence processes.
  • Practical understanding of cloud security architecture.
  • Relevant certifications such as CISM, CISSP, or ISO 27001 Lead Auditor/Implementer.

Culture & Benefits

  • Competitive salary package including a Long Term Incentive Plan (LTIP).
  • Flexible working models with a yearly flex work allowance of €1560.
  • 31 vacation days annually, including pro rata fully paid Fridays off during August.
  • Company pension scheme.
  • One paid volunteer day per year for supporting social projects.
